From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 70D44A0351;
	Sun, 27 Feb 2022 21:11:13 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 038D240683;
	Sun, 27 Feb 2022 21:11:13 +0100 (CET)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com
 [66.111.4.25]) by mails.dpdk.org (Postfix) with ESMTP id 7EC8B40042
 for <dev@dpdk.org>; Sun, 27 Feb 2022 21:11:12 +0100 (CET)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
 by mailout.nyi.internal (Postfix) with ESMTP id 157075C0094;
 Sun, 27 Feb 2022 15:11:12 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute2.internal (MEProxy); Sun, 27 Feb 2022 15:11:12 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=monjalon.net; h=
 cc:cc:content-transfer-encoding:content-type:date:date:from:from
 :in-reply-to:in-reply-to:message-id:mime-version:references
 :reply-to:sender:subject:subject:to:to; s=fm3; bh=c7wRTmUEctyOAg
 dcz60O7VkWmqFggR8FHZsYd7l/JnE=; b=HSUi5LcHZ/VhkpXLD1RWSfQQ2I1YAH
 yJVBHQaIbN5U3N9icDjONA4uOwDb/3HUqnXflABb5RiZyfNZuaP3QH6eRfPfvJ4Z
 UqZku9utuFXAC4h48EwVBZL7pxa3YJBeGdL1mqERWgC3crEV/P0+xHuBKM8AHhWu
 VFv1KV1IQFZRLnSuPHpiZqySTCuj80436EGx0fQlaSOemv1kYeePrtGc66ObgZk3
 OjxMAf3jxNpdPx0qZhHR+PflGUElS6LnDipp9OMKu28UotV2pVUCzEtsn5Zu1Bsw
 uPZknP2CoB+BjVk3zaTto4cENF/s35tr1sb22GkroQk/3pw6yYYquYQA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:cc:content-transfer-encoding
 :content-type:date:date:from:from:in-reply-to:in-reply-to
 :message-id:mime-version:references:reply-to:sender:subject
 :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
 :x-sasl-enc; s=fm2; bh=c7wRTmUEctyOAgdcz60O7VkWmqFggR8FHZsYd7l/J
 nE=; b=mvmhpAl0z7NqO4G0BhQjuUrSVMJbncw74pBQjOIGvumWqvpAThueOPSGy
 w3yuh1PYymCkK5v8aFymilZr47Scu73jpMd6h5ziZdH/sOMgMyicDGPn91tMQT2U
 VpbzSdUm8m1ZZLmr2XTC1UCKovFYghSYrHBJla9iDOZPaparulZyeVh5aR9UbvNZ
 1pIh1ScAxA34bpziurCHSKG7Ldr/hOFjuYJpmi9B/BliU6S4p1V5mdIOAP+ZCR0M
 Sp7NxqBrrgbwp91eMWRIoSe4tr/Bxt2taNNBRrvIxhGFHRTNjbzVchdnHCy6dfUV
 jAwK+RKVMB4gSjtwzujEN1xGa7XtA==
X-ME-Sender: <xms:39obYusBvze64vCLC3roOXKOkp1iH5JCMs_LAu4PEEBooV2kEQ_Amg>
 <xme:39obYjcPpy5g2hI2zZ2pFqfvxigPztDb1RAW2i5abx5iNiFyqVAHrY9OVTcDD8oKk
 vNbp_uWshSik2SAGA>
X-ME-Received: <xmr:39obYpw84aQHN8X__r0fs5bu8afjr7tNQrH0xCnTAdRLdqVn7V8bTJkLXOaXQuxS1Ux0Ju1mIQ8pJz8UHny98pmJJw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrleekgddufedvucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhephffvufffkfgjfhgggfgtsehtufertddttddvnecuhfhrohhmpefvhhhomhgr
 shcuofhonhhjrghlohhnuceothhhohhmrghssehmohhnjhgrlhhonhdrnhgvtheqnecugg
 ftrfgrthhtvghrnhepudeggfdvfeduffdtfeeglefghfeukefgfffhueejtdetuedtjeeu
 ieeivdffgeehnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrh
 homhepthhhohhmrghssehmohhnjhgrlhhonhdrnhgvth
X-ME-Proxy: <xmx:39obYpNiDv3_NyyLrFPzyyLqF-xTY15dfBrGTS9KNeGH7-lXD6Ku6g>
 <xmx:39obYu_Od0HntbnYj7KFHWQaAaauMTc6aWZkLUW8uyLbGeZoji9OZg>
 <xmx:39obYhVyKAsuAVhRa7EHgbkHRMiDul8W8MBkJuGKm1dlIU7QiGImMA>
 <xmx:4NobYgIrTvDH_xoI7ooD3Yo00HsgAsMa4Esn67VvUCQz_EIwf_u9hg>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun,
 27 Feb 2022 15:11:10 -0500 (EST)
From: Thomas Monjalon <thomas@monjalon.net>
To: "Min Hu (Connor)" <humin29@huawei.com>
Cc: dev@dpdk.org, iryzhov@nfware.com, Ferruh Yigit <ferruh.yigit@intel.com>
Subject: Re: [PATCH v2] kni: fix use-after-free when kni release
Date: Sun, 27 Feb 2022 21:11:09 +0100
Message-ID: <3979221.CQOukoFCf9@thomas>
In-Reply-To: <48145833-dde0-2e7f-798f-2fbbe2b179bc@intel.com>
References: <20220128024336.26961-1-humin29@huawei.com>
 <b25d0245-3cc1-4938-f462-736b774b816b@intel.com>
 <48145833-dde0-2e7f-798f-2fbbe2b179bc@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

15/02/2022 20:11, Ferruh Yigit:
> On 2/14/2022 6:41 PM, Ferruh Yigit wrote:
> > On 2/9/2022 7:35 AM, Min Hu (Connor) wrote:
> >> From: Huisong Li <lihuisong@huawei.com>
> >>
> >> The "kni_dev" is the private data of the "net_device" in kni, and allocated
> >> with the "net_device" by calling "alloc_netdev()". The "net_device" is
> >> freed by calling "free_netdev()" when kni release. The freed memory
> >> includes the "kni_dev". So After "kni_dev" should not be accessed after
> >> "net_device" is released.
> >>
> > 
> > The problem description looks valid and change looks good to me,
> > 
> > only list_del after remove is like this for years, I wonder how
> > it is not caught until now, or if we are missing something, I
> > want to test some before ack, which I will do in next few days.
> 
> 
> Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>

Applied, thanks.